updated user roles

master
Amalka Subasinghe 3 years ago
parent c558cec88e
commit f9a9cff0b9

@ -86,14 +86,14 @@ import javax.ws.rs.core.Response;
name = "Get ApplicationDTO Details",
description = "Get application details",
key = "perm:app:publisher:view",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/app-mgt/publisher/application/view"}
),
@Scope(
name = "Update an ApplicationDTO",
description = "Update an application",
key = "perm:app:publisher:update",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/app-mgt/publisher/application/update"}
)
}

@ -68,7 +68,7 @@ import java.util.List;
name = "Delete Application Release",
description = "Delete Application Release",
key = "perm:admin:app:publisher:update",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/app-mgt/publisher/admin/application/update"}
)
}

@ -65,14 +65,14 @@ scopes = {
name = "Update a Review",
description = "Update a Review of application.",
key = "perm:admin:app:review:update",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/app-mgt/publisher/admin/review/update"}
),
@Scope(
name = "Get Review Details",
description = "Get review details of application.",
key = "perm:admin:app:review:view",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/app-mgt/publisher/admin/review/view"}
)
}

@ -68,7 +68,7 @@ import javax.ws.rs.core.Response;
name = "Get Application Details",
description = "Get application details",
key = "perm:app:store:view",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/app-mgt/store/application/view"}
)
}

@ -73,14 +73,14 @@ import java.util.List;
name = "Get Review Details",
description = "Get review details from application store.",
key = "perm:app:review:view",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/app-mgt/store/review/view"}
),
@Scope(
name = "Update a Review",
description = "Update a Review from the application store.",
key = "perm:app:review:update",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/app-mgt/store/review/update"}
),
}

@ -70,14 +70,14 @@ import java.util.List;
name = "Install an ApplicationDTO",
description = "Install an application",
key = "perm:app:subscription:install",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/app-mgt/store/subscription/install"}
),
@Scope(
name = "Uninstall an Application",
description = "Uninstall an application",
key = "perm:app:subscription:uninstall",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/app-mgt/store/subscription/uninstall"}
)
}

@ -63,7 +63,7 @@ scopes = {
name = "Update a Review",
description = "Update a Review of applications.",
key = "perm:admin:app:review:update",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/app-mgt/store/admin/review/update"}
)
}

@ -67,7 +67,7 @@ import java.util.List;
name = "View Application Subscriptions",
description = "View Application Subscriptions.",
key = "perm:admin:app:subscription:view",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/app-mgt/store/admin/subscription/view"}
)
}

@ -41,7 +41,7 @@ import javax.ws.rs.core.Response;
name = "Sign CSR",
description = "Sign CSR",
key = "perm:sign-csr",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/certificates/manage"}
)
}

@ -45,35 +45,35 @@ import javax.ws.rs.core.Response;
name = "Adding a new SSL certificate",
description = "Adding a new SSL certificate",
key = "perm:admin:certificates:add",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/admin/certificates/add"}
),
@Scope(
name = "Getting Details of an SSL Certificate",
description = "Getting Details of an SSL Certificate",
key = "perm:admin:certificates:details",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/admin/certificates/details"}
),
@Scope(
name = "Getting Details of Certificates",
description = "Getting Details of Certificates",
key = "perm:admin:certificates:view",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/admin/certificates/view"}
),
@Scope(
name = "Deleting an SSL Certificate",
description = "Deleting an SSL Certificate",
key = "perm:admin:certificates:delete",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/admin/certificates/delete"}
),
@Scope(
name = "Verify SSL certificate",
description = "Verify SSL certificate",
key = "perm:admin:certificates:verify",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/admin/certificates/verify"}
)
}

@ -71,28 +71,28 @@ import java.util.List;
name = "View configurations",
description = "",
key = "perm:view-configuration",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/platform-configurations/view"}
),
@Scope(
name = "Manage configurations",
description = "",
key = "perm:manage-configuration",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/platform-configurations/manage"}
),
@Scope(
name = "Getting Details of Device tenants",
description = "Getting Details of Device tenants",
key = "perm:admin:tenant:view",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/tenants/view"}
),
@Scope(
name = "Add a permission to the permission tree",
description = "Add a permission to the permission tree",
key = "perm:admin:permissions:add",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/permissions/add"}
)
}

@ -76,7 +76,7 @@ import javax.ws.rs.core.Response;
name = "Get activities",
description = "Get activities",
key = "perm:get-activity",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"}
)
}

@ -68,49 +68,49 @@ import javax.ws.rs.core.Response;
name = "Create Event Stream Artifact",
description = "Create Event Stream Artifact",
key = "perm:analytics:artifacts:stream",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/analytics/artifacts/stream/add"}),
@Scope(
name = "Delete Stream Artifact",
description = "Delete Stream Artifact",
key = "perm:analytics:artifacts:stream:delete",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/analytics/artifacts/stream/delete"}),
@Scope(
name = "Create Event Receiver Artifact",
description = "Create Event Receiver Artifact",
key = "perm:analytics:artifacts:receiver",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/analytics/artifacts/receiver/add"}),
@Scope(
name = "Delete Receiver Artifact",
description = "Delete Receiver Artifact",
key = "perm:analytics:artifacts:receiver:delete",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/analytics/artifacts/receiver/delete"}),
@Scope(
name = "Create Event Publisher Artifact",
description = "Create Event Publisher Artifact",
key = "perm:analytics:artifacts:publisher",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/analytics/artifacts/publisher/add"}),
@Scope(
name = "Delete Publisher Artifact",
description = "Delete Publisher Artifact",
key = "perm:analytics:artifacts:publisher:delete",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/analytics/artifacts/publisher/delete"}),
@Scope(
name = "Create Siddhi Script Artifact",
description = "Create Siddhi Script Artifact",
key = "perm:analytics:artifacts:siddhi",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/analytics/artifacts/siddhi-script/add"}),
@Scope(
name = "Delete Siddhi Script Artifact",
description = "Delete Siddhi Script Artifact",
key = "perm:analytics:artifacts:siddhi:delete",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/analytics/artifacts/siddhi-script/delete"})
}
)

@ -69,14 +69,14 @@ import javax.ws.rs.core.Response;
name = "View configurations",
description = "",
key = "perm:view-configuration",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/platform-configurations/view"}
),
@Scope(
name = "Manage configurations",
description = "",
key = "perm:manage-configuration",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/platform-configurations/manage"}
)
}

@ -77,35 +77,35 @@ import java.util.Map;
name = "Enroll Device",
description = "Register a device",
key = "perm:device:enroll",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/add"}
),
@Scope(
name = "Modify Device",
description = "Modify a device",
key = "perm:device:modify",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/modify"}
),
@Scope(
name = "Disenroll Device",
description = "Disenroll a device",
key = "perm:device:disenroll",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/remove"}
),
@Scope(
name = "Publish Event",
description = "publish device event",
key = "perm:device:publish-event",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/event"}
),
@Scope(
name = "Getting Device Operation Details",
description = "Getting Device Operation Details",
key = "perm:device:operations",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"}
)
}

@ -51,14 +51,14 @@ import javax.ws.rs.core.Response;
name = "Add or Delete Event Definition for device type",
description = "Add or Delete Event Definition for device type",
key = "perm:device-types:events",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/device-type/add"}
),
@Scope(
name = "Get Events Details of a Device Type",
description = "Get Events Details of a Device Type",
key = "perm:device-types:events:view",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"}
)
}

@ -107,77 +107,77 @@ import java.util.List;
name = "Getting Details of Registered Devices",
description = "Getting Details of Registered Devices",
key = "perm:devices:view",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"}
),
@Scope(
name = "Getting Details of a Device",
description = "Getting Details of a Device",
key = "perm:devices:details",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"}
),
@Scope(
name = "Update the device specified by device id",
description = "Update the device specified by device id",
key = "perm:devices:update",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"}
),
@Scope(
name = "Delete the device specified by device id",
description = "Delete the device specified by device id",
key = "perm:devices:delete",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"}
),
@Scope(
name = "Getting Feature Details of a Device",
description = "Getting Feature Details of a Device",
key = "perm:devices:features",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"}
),
@Scope(
name = "Advanced Search for Devices",
description = "Advanced Search for Devices",
key = "perm:devices:search",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"}
),
@Scope(
name = "Getting Installed Application Details of a Device",
description = "Getting Installed Application Details of a Device",
key = "perm:devices:applications",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"}
),
@Scope(
name = "Getting Device Operation Details",
description = "Getting Device Operation Details",
key = "perm:devices:operations",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"}
),
@Scope(
name = "Get the details of the policy that is enforced on a device.",
description = "Get the details of the policy that is enforced on a device.",
key = "perm:devices:effective-policy",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"}
),
@Scope(
name = "Getting Policy Compliance Details of a Device",
description = "Getting Policy Compliance Details of a Device",
key = "perm:devices:compliance-data",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"}
),
@Scope(
name = "Change device status.",
description = "Change device status.",
key = "perm:devices:change-status",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/change-status"}
),
}

@ -87,28 +87,28 @@ import javax.ws.rs.core.Response;
name = "Getting the Supported Device Platforms",
description = "Getting the Supported Device Platforms",
key = "perm:device-types:types",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/device-type/view"}
),
@Scope(
name = "Get Feature Details of a Device Type",
description = "Get Feature Details of a Device Type",
key = "perm:device-types:features",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/device-type/features/view"}
),
@Scope(
name = "Get Config Details of a Device Type",
description = "Get Config Details of a Device Type",
key = "perm:device-types:configs",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/device-type/config/view"}
),
@Scope(
name = "Getting Details of Policies",
description = "Getting Details of Policies",
key = "perm:policies:get-details",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/view"}
)
}

@ -73,21 +73,21 @@ import java.util.List;
name = "View Analytics",
description = "",
key = "perm:geo-service:analytics-view",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view-analytics"}
),
@Scope(
name = "Manage Alerts",
description = "",
key = "perm:geo-service:alerts-manage",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/manage-alerts"}
),
@Scope(
name = "Manage Geo Fences",
description = "",
key = "perm:geo-service:geo-fence",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/manage-geo-fence"}
)
}

@ -82,98 +82,98 @@ import java.util.List;
name = "Get the list of groups belongs to current user.",
description = "Get the list of groups belongs to current user.",
key = "perm:groups:groups",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/view"}
),
@Scope(
name = "Get the count of groups belongs to current user.",
description = "Get the count of groups belongs to current user.",
key = "perm:groups:count",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/view"}
),
@Scope(
name = "Add new device group to the system.",
description = "Add new device group to the system.",
key = "perm:groups:add",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/add"}
),
@Scope(
name = "View group specified",
description = "View group specified",
key = "perm:groups:groups-view",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/view"}
),
@Scope(
name = "Update a group",
description = "Update a group",
key = "perm:groups:update",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/update"}
),
@Scope(
name = "Delete a group",
description = "Delete a group",
key = "perm:groups:remove",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/remove"}
),
@Scope(
name = "Manage group sharing with a user",
description = "Manage group sharing with a user",
key = "perm:groups:share",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/share"}
),
@Scope(
name = "View list of roles of a device group",
description = "View list of roles of a device group",
key = "perm:groups:roles",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/roles/view"}
),
@Scope(
name = "View list of devices in the device group",
description = "View list of devices in the device group",
key = "perm:groups:devices",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/devices/view"}
),
@Scope(
name = "View list of device count in the device group",
description = "View list of device count in the device group",
key = "perm:groups:devices-count",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/devices/view"}
),
@Scope(
name = "Add devices to group",
description = "Add devices to group",
key = "perm:groups:devices-add",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/devices/add"}
),
@Scope(
name = "Remove devices from group",
description = "Remove devices from group",
key = "perm:groups:devices-remove",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/devices/remove"}
),
@Scope(
name = "Assign devices to groups",
description = "Assign devices to groups",
key = "perm:groups:assign",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/devices/add"}
),
@Scope(
name = "List of groups that have the device",
description = "List of groups that have the device",
key = "perm:groups:device",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/devices/view"}
)
}

@ -73,28 +73,28 @@ import javax.ws.rs.core.Response;
name = "View metadata records",
description = "View metadata records",
key = "perm:metadata:view",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/metadata/view"}
),
@Scope(
name = "Create a metadata record",
description = "Create a metadata record",
key = "perm:metadata:create",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/metadata/create"}
),
@Scope(
name = "Update a metadata record",
description = "Updating a specified metadata record",
key = "perm:metadata:update",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/metadata/update"}
),
@Scope(
name = "Delete a metadata record",
description = "Delete a specified metadata record",
key = "perm:metadata:remove",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/metadata/remove"}
)
}

@ -73,14 +73,14 @@ import javax.ws.rs.core.Response;
name = "Getting All Device Notification Details",
description = "Getting All Device Notification Details",
key = "perm:notifications:view",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/notifications/view"}
),
@Scope(
name = "Updating the Device Notification Status",
description = "Updating the Device Notification Status",
key = "perm:notifications:mark-checked",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/notifications/view"}
)
}

@ -79,70 +79,70 @@ import java.util.List;
name = "Adding a Policy",
description = "Adding a Policy",
key = "perm:policies:manage",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/manage"}
),
@Scope(
name = "Getting Details of Policies",
description = "Getting Details of Policies",
key = "perm:policies:get-details",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/view"}
),
@Scope(
name = "Getting Details of a Policy",
description = "Getting Details of a Policy",
key = "perm:policies:get-policy-details",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/view"}
),
@Scope(
name = "Updating a Policy",
description = "Updating a Policy",
key = "perm:policies:update",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/manage"}
),
@Scope(
name = "Removing Multiple Policies",
description = "Removing Multiple Policies",
key = "perm:policies:remove",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/manage"}
),
@Scope(
name = "Activating Policies",
description = "Activating Policies",
key = "perm:policies:activate",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/manage"}
),
@Scope(
name = "Deactivating Policies",
description = "Deactivating Policies",
key = "perm:policies:deactivate",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/manage"}
),
@Scope(
name = "Applying Changes on Policies",
description = "Applying Changes on Policies",
key = "perm:policies:changes",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/manage"}
),
@Scope(
name = "Updating the Policy Priorities",
description = "Updating the Policy Priorities",
key = "perm:policies:priorities",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/manage"}
),
@Scope(
name = "Fetching the Effective Policy",
description = "Fetching the Effective Policy",
key = "perm:policies:effective-policy",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/view"}
)
}

@ -61,7 +61,7 @@ import javax.ws.rs.core.Response;
name = "Remote Session Connection",
description = "",
key = "perm:remote-session-service:connect",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/remote-session"}
)
}

@ -66,7 +66,7 @@ import java.util.List;
name = "Getting Details of Registered Devices",
description = "Getting Details of Registered Devices",
key = "perm:devices:view",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"}
),
}

@ -53,56 +53,56 @@ import java.util.List;
name = "Getting the List of Roles",
description = "Getting the List of Roles",
key = "perm:roles:view",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/roles/view"}
),
@Scope(
name = "Getting Permission Details of a Role",
description = "Getting Permission Details of a Role",
key = "perm:roles:permissions",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/roles/view"}
),
@Scope(
name = "Getting the List of Roles",
description = "Getting the List of Roles",
key = "perm:roles:details",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/roles/view"}
),
@Scope(
name = "Adding a Role",
description = "Adding a Role",
key = "perm:roles:add",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/roles/manage"}
),
@Scope(
name = "Adding a combined Role",
description = "Adding a combined Role",
key = "perm:roles:create-combined-role",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/roles/manage"}
),
@Scope(
name = "Updating Role Details",
description = "Updating Role Details",
key = "perm:roles:update",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/roles/manage"}
),
@Scope(
name = "Deleting a Role",
description = "Deleting a Role",
key = "perm:roles:delete",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/roles/manage"}
),
@Scope(
name = "Adding Users to a Role",
description = "Adding Users to a Role",
key = "perm:roles:add-users",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/roles/manage"}
)
}

@ -97,91 +97,91 @@ import javax.ws.rs.core.Response;
name = "Adding a User",
description = "Adding a User",
key = "perm:users:add",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/manage"}
),
@Scope(
name = "Getting Details of a User",
description = "Getting Details of a User",
key = "perm:users:details",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/view"}
),
@Scope(
name = "Updating Details of a User",
description = "Updating Details of a User",
key = "perm:users:update",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/manage"}
),
@Scope(
name = "Deleting a User",
description = "Deleting a User",
key = "perm:users:delete",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/manage"}
),
@Scope(
name = "Getting the Role Details of a User",
description = "Getting the Role Details of a User",
key = "perm:users:roles",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/view"}
),
@Scope(
name = "Getting Details of Users",
description = "Getting Details of Users",
key = "perm:users:user-details",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/view"}
),
@Scope(
name = "Getting the User Count",
description = "Getting the User Count",
key = "perm:users:count",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/view"}
),
@Scope(
name = "Getting the User existence status",
description = "Getting the User existence status",
key = "perm:users:is-exist",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/view"}
),
@Scope(
name = "Searching for a User Name",
description = "Searching for a User Name",
key = "perm:users:search",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/view"}
),
@Scope(
name = "Changing the User Password",
description = "Adding a User",
key = "perm:users:credentials",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/login"}
),
@Scope(
name = "Sending Enrollment Invitations to Users",
description = "Sending Enrollment Invitations to Users",
key = "perm:users:send-invitation",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/manage"}
),
@Scope(
name = "Get activities",
description = "Get activities",
key = "perm:get-activity",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"}
),
@Scope(
name = "Getting the Permissions of the User",
description = "Getting the Permissions of the User",
key = "perm:user:permission-view",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/login"}
)
}

@ -67,14 +67,14 @@ import javax.ws.rs.core.Response;
name = "Installing an Application (Internal API)",
description = "Installing an Application (Internal API)",
key = "perm:applications:install",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/applications/manage"}
),
@Scope(
name = "Uninstalling an Application (Internal API)",
description = "Uninstalling an Application (Internal API)",
key = "perm:applications:uninstall",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/applications/manage"}
)
}

@ -67,7 +67,7 @@ import javax.ws.rs.core.Response;
name = "Verify device authorization",
description = "Verify device authorization",
key = "perm:authorization:verify",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/authorization/verify"}
)
}

@ -57,7 +57,7 @@ import javax.ws.rs.core.Response;
name = "Devicetype deployment",
description = "Deploy devicetype",
key = "perm:devicetype:deployment",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/devicetype/deploy"}
)
}

@ -94,21 +94,21 @@ import java.util.List;
name = "Getting Details of a Device",
description = "Getting Details of a Device",
key = "perm:admin:devices:view",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/devices/owning-device/view"}
),
@Scope(
name = "Update the Device Owner",
description = "Update the ownership of the device",
key = "perm:admin:devices:update-enrollment",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/admin/devices/update-enrollment"}
),
@Scope(
name = "Permanently Delete the device specified by device id",
description = "Permanently Delete the device specified by device id",
key = "perm:devices:permanent-delete",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/admin/devices/permanent-delete"}
)
}

@ -92,21 +92,21 @@ import javax.ws.rs.core.Response;
name = "Manage a Device Type",
description = "Add, Edit or View a Device Type",
key = "perm:admin:device-type",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/admin/device-type"}
),
@Scope(
name = "Getting Details of a Device Type",
description = "Getting Details of a Device Type",
key = "perm:admin:device-type:view",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/admin/device-type/view"}
),
@Scope(
name = "Add Device Type Config",
description = "Add Platform Config of a Device Type",
key = "perm:admin:device-type:configs",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/admin/device-type/config"}
)
}

@ -70,21 +70,21 @@ import javax.ws.rs.core.Response;
name = "View groups",
description = "",
key = "perm:admin-groups:view",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/admin/groups/view"}
),
@Scope(
name = "Count groups",
description = "",
key = "perm:admin-groups:count",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/admin/groups/view"}
),
@Scope(
name = "Add groups",
description = "",
key = "perm:admin-groups:add",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/admin/groups/add"}
)
}

@ -53,14 +53,14 @@ import javax.ws.rs.core.Response;
name = "View Users",
description = "View Users",
key = "perm:admin-users:view",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/users/manage"}
),
@Scope(
name = "Delete Users Device Information",
description = "Delete users device details",
key = "perm:admin-users:remove",
roles = {"admin"},
roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/users/manage"}
)
}

@ -22,6 +22,7 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.osgi.framework.BundleContext;
import org.osgi.service.component.ComponentContext;
import org.wso2.carbon.core.ServerStartupObserver;
import org.wso2.carbon.device.mgt.common.app.mgt.ApplicationManagementException;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService;
import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfigurationManagementService;
@ -291,6 +292,9 @@ public class DeviceManagementServiceComponent {
TenantCreateObserver listener = new TenantCreateObserver();
bundleContext.registerService(Axis2ConfigurationContextObserver.class.getName(), listener, null);
UserRoleCreateObserver userRoleCreateObserver = new UserRoleCreateObserver();
bundleContext.registerService(ServerStartupObserver.class.getName(), userRoleCreateObserver, null);
/* Registering Device Management Service */
DeviceManagementProviderService deviceManagementProvider = new DeviceManagementProviderServiceImpl();
DeviceManagementDataHolder.getInstance().setDeviceManagementProvider(deviceManagementProvider);

@ -0,0 +1,64 @@
/*
* Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.core.internal;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.core.ServerStartupObserver;
import org.wso2.carbon.device.mgt.core.DeviceManagementConstants;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.api.UserStoreManager;
import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
public class UserRoleCreateObserver implements ServerStartupObserver {
private static final Log log = LogFactory.getLog(UserRoleCreateObserver.class);
@Override
public void completingServerStartup() {
}
@Override
public void completedServerStartup() {
String tenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
String tenantAdminName = "admin";
try {
UserStoreManager userStoreManager =
DeviceManagementDataHolder.getInstance().getRealmService().getTenantUserRealm(
MultitenantConstants.SUPER_TENANT_ID).getUserStoreManager();
userStoreManager.addRole(
DeviceManagementConstants.User.DEFAULT_DEVICE_ADMIN,
new String[]{tenantAdminName},
DeviceManagementConstants.User.PERMISSIONS_FOR_DEVICE_ADMIN);
userStoreManager.addRole(
DeviceManagementConstants.User.DEFAULT_DEVICE_USER, null,
DeviceManagementConstants.User.PERMISSIONS_FOR_DEVICE_USER);
if (log.isDebugEnabled()) {
log.debug("Device management roles: " + DeviceManagementConstants.User.DEFAULT_DEVICE_USER + ", " +
DeviceManagementConstants.User.DEFAULT_DEVICE_ADMIN + " created for the tenant:" + tenantDomain + "."
);
log.debug("Tenant administrator: " + tenantAdminName + "@" + tenantDomain +
" is assigned to the role:" + DeviceManagementConstants.User.DEFAULT_DEVICE_ADMIN + "."
);
}
} catch (UserStoreException e) {
log.error("Error occurred while creating roles for the tenant: " + tenantDomain + ".");
}
}
}

@ -64,7 +64,7 @@ import javax.ws.rs.core.Response;
name = "View configurations",
description = "",
key = "perm:sms-handler:view-configuration",
roles = {"Internal/everyone"},
roles = {"Internal/devicemgt-user"},
permissions = {"/sms-handler/platform-configurations/view"}
)
})

Loading…
Cancel
Save